Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/f4ad0f-0b30-41ff-a8d9-82ededa7fe7a/1/_U1S6-MybOxv1zkCGSBASjHiePw.roa
File: _U1S6-MybOxv1zkCGSBASjHiePw.roa (raw, json)
Hash identifier: fichNnAj0Ly1Q4XVA+oyjBattwr3hejG5yOKlMVvbBU=
Subject key identifier: FD:4D:52:EB:E3:32:6C:EC:6F:D7:39:02:19:20:40:4A:31:E2:78:FC
Certificate issuer: /CN=aaab6111e004c2a044f168b8d28273cf6744f3a8
Certificate serial: 018708A8B6EC9162323C93AC5CFD2C0F9882
Authority key identifier: AA:AB:61:11:E0:04:C2:A0:44:F1:68:B8:D2:82:73:CF:67:44:F3:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qqthEeAEwqBE8Wi40oJzz2dE86g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/f4ad0f-0b30-41ff-a8d9-82ededa7fe7a/1/_U1S6-MybOxv1zkCGSBASjHiePw.roa
Signing time: Wed 22 Mar 2023 09:31:27 +0000
ROA not before: Wed 22 Mar 2023 09:31:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200845
IP address blocks: 176.32.48.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:08:a8:b6:ec:91:62:32:3c:93:ac:5c:fd:2c:0f:98:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aaab6111e004c2a044f168b8d28273cf6744f3a8
Validity
Not Before: Mar 22 09:31:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd4d52ebe3326cec6fd739021920404a31e278fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b3:4c:0e:7d:6e:5b:11:a3:2e:e4:54:3b:bf:
45:de:f8:0d:d9:dd:60:7f:80:2f:19:18:39:eb:be:
da:ec:c4:68:70:bb:71:d9:98:b9:c2:39:86:52:ff:
ce:f7:20:f5:84:0f:26:92:63:4e:2c:65:7a:c8:69:
66:28:ca:24:91:48:b2:f5:9b:11:41:51:0d:a9:3b:
7f:48:9e:bf:2c:3f:d4:8f:56:05:5b:ff:bc:92:0e:
76:96:47:b3:31:bc:48:c1:13:50:31:f1:b9:25:da:
85:5e:30:f9:c6:2d:b9:b6:9e:79:ce:8c:0a:67:10:
1d:8c:4f:7a:64:3a:12:9c:cf:88:84:74:18:80:5d:
c8:ec:57:22:ae:cf:11:e3:4d:4e:b6:8d:81:ac:f1:
30:ec:f1:ed:3c:e2:d2:66:27:b6:0a:36:de:f4:4a:
27:f8:9d:a5:42:04:0e:b9:fe:21:0b:79:af:bc:6b:
5a:aa:0f:0a:7b:44:69:44:65:53:c8:a1:c4:e4:ff:
e6:bf:c0:af:79:c4:30:c9:8d:5d:7e:2d:ea:f1:8b:
d1:b8:a9:01:4c:97:3b:39:06:9e:82:91:43:29:51:
06:b0:c8:ae:75:d3:d6:e0:37:62:f0:39:4a:99:f9:
d8:03:43:7e:a1:85:43:67:06:74:21:42:bd:df:88:
40:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:4D:52:EB:E3:32:6C:EC:6F:D7:39:02:19:20:40:4A:31:E2:78:FC
X509v3 Authority Key Identifier:
keyid:AA:AB:61:11:E0:04:C2:A0:44:F1:68:B8:D2:82:73:CF:67:44:F3:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qqthEeAEwqBE8Wi40oJzz2dE86g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f4ad0f-0b30-41ff-a8d9-82ededa7fe7a/1/_U1S6-MybOxv1zkCGSBASjHiePw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f4ad0f-0b30-41ff-a8d9-82ededa7fe7a/1/qqthEeAEwqBE8Wi40oJzz2dE86g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.48.0/23
Signature Algorithm: sha256WithRSAEncryption
00:25:bd:6a:02:74:1d:dd:bd:4e:e7:e2:71:ff:f2:00:28:ef:
e9:ee:c1:e3:c4:5b:73:42:d0:5b:b3:f3:c9:ca:d9:ce:ca:71:
00:c2:05:a3:ff:e0:05:f8:db:32:26:f9:d8:4f:43:62:e0:e7:
11:b1:1c:65:cd:a3:64:50:73:cd:4d:5a:21:3d:3d:2f:15:5b:
14:c6:b5:02:d8:92:3a:ac:3f:6b:f0:5c:4f:52:98:55:52:48:
ed:60:d8:01:c2:27:dd:37:dc:c5:06:01:a8:6d:06:78:2f:d7:
08:93:84:52:78:be:fa:bd:da:1f:99:99:32:a3:aa:02:2c:b3:
3e:ad:42:0a:fb:64:e5:37:81:75:cc:f5:01:61:f3:11:9e:df:
02:06:7d:d8:de:dc:d1:6e:c7:e6:1f:34:11:6e:b0:c1:ef:ea:
9a:fb:4c:a8:c9:41:d1:1d:a2:30:c0:20:19:8b:5e:1e:2a:8c:
fc:ed:60:eb:39:ae:60:a1:bc:b5:9c:a2:40:49:f3:9d:a4:51:
ad:1e:d3:d1:7d:5d:c5:1f:17:a9:2b:d0:f9:1f:4c:13:6f:73:
93:ad:bd:6b:c6:d6:18:04:cc:f7:7e:8e:01:92:bd:8d:e7:77:
31:92:bf:4d:01:78:2a:ca:cc:de:f3:28:fb:e5:b5:25:0b:82:
1a:dc:f5:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcIqLbskWIyPJOsXP0sD5iCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhYWI2MTExZTAwNGMyYTA0NGYxNjhiOGQyODI3M2NmNjc0
NGYzYTgwHhcNMjMwMzIyMDkzMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDRkNTJlYmUzMzI2Y2VjNmZkNzM5MDIxOTIwNDA0YTMxZTI3OGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbNMDn1uWxGjLuRUO79F3vgN2d1g
f4AvGRg5677a7MRocLtx2Zi5wjmGUv/O9yD1hA8mkmNOLGV6yGlmKMokkUiy9ZsR
QVENqTt/SJ6/LD/Uj1YFW/+8kg52lkezMbxIwRNQMfG5JdqFXjD5xi25tp55zowK
ZxAdjE96ZDoSnM+IhHQYgF3I7Fcirs8R401Oto2BrPEw7PHtPOLSZie2Cjbe9Eon
+J2lQgQOuf4hC3mvvGtaqg8Ke0RpRGVTyKHE5P/mv8CvecQwyY1dfi3q8YvRuKkB
TJc7OQaegpFDKVEGsMiuddPW4Ddi8DlKmfnYA0N+oYVDZwZ0IUK934hAHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP1NUuvjMmzsb9c5AhkgQEox4nj8MB8GA1UdIwQY
MBaAFKqrYRHgBMKgRPFouNKCc89nRPOoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXF0aEVlQUV3cUJFOFdpNDBvSnp6MmRFODZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9mNGFkMGYtMGIzMC00MWZmLWE4ZDkt
ODJlZGVkYTdmZTdhLzEvX1UxUzYtTXliT3h2MXprQ0dTQkFTakhpZVB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9mNGFkMGYtMGIzMC00MWZmLWE4ZDktODJlZGVkYTdmZTdh
LzEvcXF0aEVlQUV3cUJFOFdpNDBvSnp6MmRFODZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsCAwMA0G
CSqGSIb3DQEBCwUAA4IBAQAAJb1qAnQd3b1O5+Jx//IAKO/p7sHjxFtzQtBbs/PJ
ytnOynEAwgWj/+AF+NsyJvnYT0Ni4OcRsRxlzaNkUHPNTVohPT0vFVsUxrUC2JI6
rD9r8FxPUphVUkjtYNgBwifdN9zFBgGobQZ4L9cIk4RSeL76vdofmZkyo6oCLLM+
rUIK+2TlN4F1zPUBYfMRnt8CBn3Y3tzRbsfmHzQRbrDB7+qa+0yoyUHRHaIwwCAZ
i14eKoz87WDrOa5goby1nKJASfOdpFGtHtPRfV3FHxepK9D5H0wTb3OTrb1rxtYY
BMz3fo4Bkr2N53cxkr9NAXgqysze8yj75bUlC4Ia3PX6
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:16:26 2025 by rpki-client